<?
	if(isset($_POST['btnsubmit']))
	{

		require("required/dbconnect.php");
		require("required/email.php");
		require("required/share_function.php");
		require("required/function.php"); 

		

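		// An empty cart cannot be checked out: send the visitor to the error page.
		if(empty($_SESSION['cart']))
		{
			header("Location:os_invalid.php?error=3");
			// header() only queues the redirect. Without exit the rest of this script
			// (member insert/update, session writes) would still run for this request.
			exit;
		}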

		
		
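		// reCAPTCHA check of the posted challenge/response pair.
		// NOTE(review): $resp is never read in the visible part of this file, so a failed
		// CAPTCHA does not stop the request here. In the reCAPTCHA v1 PHP library the result
		// exposes is_valid; confirm whether it is meant to be enforced before the queries below.
		require_once('required/recaptchalib.php');
		$resp = recaptcha_check_answer ($captcha_key_private,
										$_SERVER["REMOTE_ADDR"],
										$_POST["recaptcha_challenge_field"],
										$_POST["recaptcha_response_field"]);

		// Raw form fields. They are kept unescaped because they are also written to the
		// session and echoed into HTML; each must be escaped for the context it is used in.
		$name=$_POST['name'];
		$membership_number=$_POST['membership_number'];
		$hpnumber=$_POST['hpnumber'];
		$address1=$_POST['address1'];
		$address2=$_POST['address2'];
		$postcode=$_POST['postcode'];
		$country=$_POST['country'];
		$city=$_POST['city'];
		$state=$_POST['state'];
		$email=$_POST['email'];
		$service_preferred = $_POST['service_preferred'];
		$discount_voucher = $_POST['discount_voucher'];

		// Already SQL-escaped: this value is only ever used inside a query string.
		// mysql_real_escape_string() honours the connection charset, unlike the
		// deprecated mysql_escape_string(); it presumably uses the link opened by
		// required/dbconnect.php, as mysql_query() below does.
		$purchase_remarks=mysql_real_escape_string($_POST['message']);

		// The posted e-mail goes into the query text, so it is escaped here like the remarks.
		$chk_email=mysql_query("select id from os_member where email='".mysql_real_escape_string($email)."'");

		// isnew==1 selects the registration branch, anything else the existing-member branch.
		$isnew=$_POST['isnew'];
		$cansubmit=true;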

	
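			if($isnew==1)
			{
				// Registration path: validate, create the member row, sign the session in
				// and send the activation mail.

				// NOTE(review): the password is inserted exactly as posted, i.e. stored in
				// plaintext. Hashing it needs a matching change in the login code, which is
				// not part of this file.
				$password=$_POST['password'];
				$member_type=$_POST['member_type'];

				// SQL-escaped copies, used only inside query strings. The raw values stay in
				// $name/$email/... because they are also stored in the session and shown in HTML.
				$reg_sql=array();
				$reg_source=array(
					'password'=>$password,
					'email'=>$email,
					'member_type'=>$member_type,
					'name'=>$name,
					'membership_number'=>$membership_number,
					'hpnumber'=>$hpnumber,
					'address1'=>$address1,
					'address2'=>$address2,
					'postcode'=>$postcode,
					'city'=>$city,
					'state'=>$state,
					'country'=>$country,
					'service_preferred'=>$service_preferred
				);
				foreach($reg_source as $reg_field=>$reg_value)
				{
					$reg_sql[$reg_field]=mysql_real_escape_string($reg_value);
				}

				$chkemail=mysql_num_rows(mysql_query("select * from os_member where email='".$reg_sql['email']."'"));
				$msg1="";
				$msg2="";
				$msg3="";

				// NOTE(review): $verycode is not assigned anywhere in the visible part of this
				// file; presumably it comes from a required file or from register_globals.
				// Confirm, otherwise this compares an undefined value with the session code.
				if($verycode!=$_SESSION['verycode'])
				{
					$msg1="<br><font color='#FF0000'>Sorry,invalid verification code.</font>";
					$cansubmit=false;
				}

				if($chkemail>0)
				{
					// The posted address is echoed back, so it is HTML-escaped first.
					// Charset is left at the PHP default; pass the page charset if it differs.
					$msg3="<br><font color='#FF0000'>Sorry,".htmlspecialchars($email,ENT_QUOTES)." already existed.</font>";
					$cansubmit=false;
				}

				if($cansubmit==false)
				{
					require("required/header.php");

?>

			<table width="100%" cellpadding="6" cellspacing="0">

			<td valign="top" height="400">

				<div class="dw_failed">Invalid</div><br>

				<?= $msg1 ?>

				<?= $msg2 ?>

				<?= $msg3 ?>

				<br><br><br>

				<input type=button value="Back" onClick="history.go(-1)" class="button">

			</td>

			</table>

			<?

				}else{

					// NOTE(review): the activation code is derived arithmetically from
					// generatePassword(), which is defined elsewhere. It is only as hard to
					// guess as that function's output; confirm it uses a secure random source.
					$activatecode=(generatePassword()*3)+112233;

					// NOTE(review): die(mysql_error()) shows raw database errors to the visitor.
					$insert=mysql_query(
						"insert into os_member(password,email,member_type,member_type_selected,name,membership_number,hpnumber,address1,address2,postcode,city,state,country,activate_code,registerdate,status,service_preferred) "
						."values('".$reg_sql['password']."','".$reg_sql['email']."','N','".$reg_sql['member_type']."','".$reg_sql['name']."','".$reg_sql['membership_number']."','".$reg_sql['hpnumber']."','".$reg_sql['address1']."','".$reg_sql['address2']."','".$reg_sql['postcode']."','".$reg_sql['city']."','".$reg_sql['state']."','".$reg_sql['country']."','$activatecode',now(),'inactivate','".$reg_sql['service_preferred']."')"
					)or die(mysql_error());

					$get_new_id=mysql_query("select id from os_member where email='".$reg_sql['email']."' order by id desc limit 1");
					$get_id=mysql_result($get_new_id,0,"id");

					//------------------------ get data -----------------------------------

					$getid=mysql_query("select * from os_member where email='".$reg_sql['email']."'");
					$subject=$websitename_eng." member activation";
					$id=mysql_result($getid,0,'id');

					// The session becomes a signed-in (still inactive) member from here on, so
					// it gets a fresh id; the cart and other session data are carried over.
					session_regenerate_id(true);

					$_SESSION['loginname']=$name;
					$_SESSION['loginid']=$id;
					$_SESSION['email']=$email;
					$_SESSION['member_status']='inactivate';

					if($member_type=="N")
					{
						email_normal_member_register($id,$activatecode);
					}else{
						email_vip_member_register($id,$activatecode);
					}

					header("Location:os_bill.php?errormsg=3");
					// Stop here: nothing after the redirect should run or be sent.
					exit;

				}

			}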
			else
			{
				
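				// Existing-member path: the member row is the one whose e-mail matches the
				// posted address ($chk_email, queried earlier in this script).
				// NOTE(review): nothing in the visible code ties that address to the current
				// session (for example $_SESSION['loginid']), so the delivery details of any
				// member can be overwritten by posting that member's address. Confirm an
				// ownership check exists upstream or add one here.
				if(!$chk_email || mysql_num_rows($chk_email)==0)
				{
					// Unknown address: previously this fell through to a broken UPDATE and
					// printed the database error.
					header("Location:os_invalid.php");
					exit;
				}

				// Forced to an integer because it is placed unquoted in the UPDATE below.
				$get_id=(int)mysql_result($chk_email,0,"id");

				if($discount_voucher!="")
				{
					if(checkDiscountVoucher($discount_voucher)==1)
					{
						$_SESSION['discount_voucher']=$discount_voucher;
					}
					// NOTE(review): a rejected code leaves any voucher already stored in the
					// session untouched; confirm that is intended.
				}else{
					unset($_SESSION['discount_voucher']);
				}

				// SQL-escaped copies for the queries in this branch; the raw values are kept
				// for HTML output further down. $purchase_remarks was escaped when it was read.
				$upd_sql=array();
				$upd_source=array(
					'name'=>$name,
					'hpnumber'=>$hpnumber,
					'address1'=>$address1,
					'address2'=>$address2,
					'postcode'=>$postcode,
					'city'=>$city,
					'state'=>$state,
					'country'=>$country,
					'service_preferred'=>$service_preferred,
					'email'=>$email
				);
				foreach($upd_source as $upd_field=>$upd_value)
				{
					$upd_sql[$upd_field]=mysql_real_escape_string($upd_value);
				}

				$update=mysql_query(
					"update os_member set name='".$upd_sql['name']."',hpnumber='".$upd_sql['hpnumber']."',address1='".$upd_sql['address1']."',address2='".$upd_sql['address2']."',postcode='".$upd_sql['postcode']."',city='".$upd_sql['city']."',state='".$upd_sql['state']."',country='".$upd_sql['country']."',"
					."purchase_remarks='$purchase_remarks',service_preferred='".$upd_sql['service_preferred']."' where id=$get_id"
				)or die(mysql_error());

				// Re-read the stored row; the confirmation page below is rendered from $b.
				$get_details=mysql_query("select * from os_member where email='".$upd_sql['email']."'");

				$b=mysql_fetch_array($get_details,MYSQL_ASSOC);

				$_SESSION['temp_member_id']=$b['id'];

				$title="Check out";

				require("required/header.php");

				$get_place=mysql_query("select * from os_state where id='".$upd_sql['state']."'");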

		

	

?>

		

				<table width="100%" cellpadding="6" cellspacing="0">
						<td class="page_title_bar">
							Complete order 
                        </td>						

					<tr>

						<td>

							<table  width='100%' class='text'> 

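								<? /* The posted e-mail is placed in a URL inside an attribute, so it is URL-encoded and then HTML-escaped. */ ?>
								<tr>

									<td align='left' colspan="3"><strong><u>Delivery Information</u> [ <a href="os_bill.php?email=<?= htmlspecialchars(urlencode($email),ENT_QUOTES) ?>">Edit</a> ] :</strong></td>

								</tr>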
								<?								

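								// Resolve the stored state and country ids to display labels.
								// Both ids were saved from posted form values and are placed unquoted
								// in the queries, so they are forced to integers first.

								$state='-';
								if($b['state']!=0)
								{
									$get_place=mysql_query('select * from os_state where id='.(int)$b['state'])or die(mysql_error());
									// An id with no matching row keeps the '-' placeholder.
									if(mysql_num_rows($get_place)>0)
									{
										$place=mysql_result($get_place,0,'name_eng');
										$state=$place;
									}
								}

								// Defaults used when no country is stored or the id matches no row.
								$word_country='Other';
								$area_type="State";
								if($b['country']!=0)
								{
									$get_country=mysql_query('select * from os_country where id='.(int)$b['country'])or die(mysql_error());
									if(mysql_num_rows($get_country)>0)
									{
										$country=mysql_result($get_country,0,'engname');
										$word_country=$country;
										// area_type is the label shown for the state row; empty means "State".
										$stored_area_type=mysql_result($get_country,0,'area_type');
										if($stored_area_type!="")
										{
											$area_type=$stored_area_type;
										}
									}
								}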

										

								?>

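								<? /*
									Delivery details read back from os_member. These columns were stored from
									posted form values, so each one is HTML-escaped on output. The charset is
									left at the PHP default; pass the page charset to htmlspecialchars() if it differs.
									NOTE(review): servicepreferred() is defined elsewhere; confirm that what it
									returns is safe to print as HTML.
								*/ ?>
								<tr>

									<td>Receiver</td><td width="0%">:</td>

									<td width="84%" align='left'>

									<?= htmlspecialchars($b['name'],ENT_QUOTES) ?>

									</td>

								</tr>

								<tr>

									<td>Email</td><td>:</td>

									<td align='left'>

									<?= htmlspecialchars($b['email'],ENT_QUOTES) ?>

									</td>

								</tr>

								<tr>

									<td>Contact number</td><td>:</td>

									<td align='left'>

									<?= htmlspecialchars($b['hpnumber'],ENT_QUOTES) ?>

									</td>

								</tr>

								<tr>
									<td width="16%">Preferred Shipping Service</td><td width="0%">:</td><td width="84%"><?= servicepreferred($b['service_preferred']) ?></td>
								</tr>

								<tr valign="top">

									<td>Address</td><td>:</td>

									<td align='left'>

									<?= htmlspecialchars($b['address1'],ENT_QUOTES) ?>

									<br>

									<?= htmlspecialchars($b['address2'],ENT_QUOTES) ?>

									</td>

								</tr>

								<tr>

									<td>Postcode</td><td>:</td>

									<td align='left'>

									<?= htmlspecialchars($b['postcode'],ENT_QUOTES) ?>

									</td>

								</tr>

								<tr>

									<td><?= $area_type ?></td><td>:</td>

									<td align='left'>

									<?= $state ?>

									</td>

								</tr>

								<tr>

									<td>Country</td><td>:</td>

									<td align='left'>

										<?= $word_country ?>

									</td>

								</tr>

								<tr>

									<td>Remarks</td><td>:</td><td><?= htmlspecialchars($b['purchase_remarks'],ENT_QUOTES) ?></td>

								</tr>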

								

						  </table>

						</td>

					</tr>

					<tr>

						<td>

							<strong><u>Purchase Information</u> [ <a href="os_mycart.php">Edit</a> ] </strong><br>

							<table width="96%" bgcolor="#CCCCCC" cellpadding="1" cellspacing="1" align="left">
								<tr class="table_header" align="center">
									<td width="42%">Product</td><td width="13%">Unit price(<?= $_SESSION['currency_code'] ?>)</td><td width="15%">Product code</td><td width="11%">Quantity</td>
                                    <td width="15%">Total Price(<?= $_SESSION['currency_code'] ?>)</td>
								</tr>

						<?

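							// Running totals for the order summary. Prices are always re-read from the
							// database; the session cart only supplies ids and quantities.
							$total_item=0;
							$total_piece=0;
							$total_allprice=0;
							$no=0;

							foreach($_SESSION['cart'] as $cartItems)
							{
								// Cart entries are presumably filled from request data elsewhere, so
								// every id is forced to an integer before it is put into a query.
								$itemId=(int)$cartItems['id'];
								$quantity=$cartItems['quantity'];
								$addon_ids=$cartItems['addon_id'];

								$get_items=mysql_query("select * from os_product_inventory where id=".$itemId);
								$item=mysql_fetch_array($get_items,MYSQL_ASSOC);
								$proId=(int)$item['pid'];

								$get_product=mysql_query("select * from os_products where id=$proId");
								$a=mysql_fetch_array($get_product,MYSQL_ASSOC);

								$get_pic=mysql_query("select * from os_productpic where product_id=".(int)$a['id']." order by order_id asc limit 1");

								// Thumbnail: constrain the longer side, or fall back to the placeholder image.
								if(mysql_num_rows($get_pic)==0)
								{
									$pic="empty";
									$piclink="noimage.jpg";
									$fix="";
								}
								else
								{
									$pic=mysql_fetch_array($get_pic,MYSQL_ASSOC);
									$piclink=$pic['name'];
									$fix=($pic["width"]-$pic["height"]>0) ? "width=155" : "height=130";
								}

								// Promotion price applies when the product is flagged as on promotion.
								if($a['promotion']==1)
								{
									$unit_price=$item['promotion_price'];
								}
								else
								{
									$unit_price=$item['unit_price'];
								}
								$total_price=$unit_price*$quantity;

								$total_allprice=$total_allprice+$total_price;

								// Alternate the row style per cart item.
								$class1=($no%2==0) ? "table_item_even" : "table_item_odd";

								// NOTE(review): catalogue text (product name, code, description) is printed
								// as stored; confirm it can only be edited by trusted staff.
					?>

						<tr height="30" valign="top" class="<?= $class1 ?>"  onmouseover="this.className='table_item_mouseover'" onmouseout="this.className='<?= $class1 ?>'" align="center">

							<td>

								<table width="80%" cellpadding="5" align="center">

									<Td width="12%">

										<a href="os_view_full.php?id=<?= (int)$a['id'] ?>"><img border=0 src="productpic/thumbnails/<?= htmlspecialchars($piclink,ENT_QUOTES) ?>" <?= $fix ?>></a>

									</Td>

									<td width="88%" valign="top">

										<a href="os_view_full.php?id=<?= (int)$a['id'] ?>"><?= $a['product_name_eng'] ?></a><br>

										<?= $item['description'] ?>

									</td>

								</table>

							</td>

							<td><?= number_format($_SESSION['currency_rate']*$unit_price,2) ?></td>
							<td><?= $a['product_code'] ?></td>
							<td><?= htmlspecialchars($quantity,ENT_QUOTES) ?></td>

							<td align="right"><?= number_format($_SESSION['currency_rate']*$total_price,2) ?></td>

						</tr>
						<?
								if(is_array($addon_ids))
								{
							?>
							<tr height="30" valign="top" class="<?= $class1 ?>"  onmouseover="this.className='table_item_mouseover'" onmouseout="this.className='<?= $class1 ?>'" >
								<td colspan="6">
									Add-on(s)
								</td>
							</tr>
							<?

									for($addon=0;$addon<count($addon_ids);$addon++)
									{
										$addon_id=(int)$addon_ids[$addon];
										$get_addon=mysql_query("select * from os_products where id='".$addon_id."'");
										$ap=mysql_fetch_array($get_addon,MYSQL_ASSOC);

										$get_addon_items=mysql_query("select * from os_product_inventory where pid='".$addon_id."' order by id asc limit 1")or die(mysql_error());

										$addon_item=mysql_fetch_array($get_addon_items,MYSQL_ASSOC);

										$get_pic=mysql_query("select * from os_productpic where product_id='".$addon_id."' order by order_id asc limit 1")or die(mysql_error());

										if(mysql_num_rows($get_pic)==0)
										{
											$pic="empty";
											$piclink="noimage.jpg";
											$fix="";
										}
										else
										{
											$pic=mysql_fetch_array($get_pic,MYSQL_ASSOC);
											$piclink=$pic['name'];
											$fix=($pic["width"]-$pic["height"]>0) ? "width=155" : "height=130";
										}

										// Add-ons are charged once per unit of the parent item.
										$unit_price=$addon_item['unit_price'];
										$total_price=$quantity*$unit_price;

										$total_allprice=$total_allprice+$total_price;
							?>
								<tr height="30" valign="top" class="<?= $class1 ?>"  onmouseover="this.className='table_item_mouseover'" onmouseout="this.className='<?= $class1 ?>'" align="center">

									<td>
										<table width="80%" cellpadding="5" align="center">
											<Td width="12%">
												<a href="<?= getProductUrl($ap['id'],$ap['clean_url'],$module_url_rewrite) ?>"><img border=0 src="productpic/thumbnails/<?= htmlspecialchars($piclink,ENT_QUOTES) ?>" <?= $fix ?>></a>
											</Td>
											<td width="88%" valign="top">
												<a href="<?= getProductUrl($ap['id'],$ap['clean_url'],$module_url_rewrite) ?>"><?= $ap['product_name_eng'] ?></a><br>
												<?= $addon_item['description'] ?>
											</td>
										</table>
									</td>
									<? /* Column order follows the table header: unit price first, then product code. */ ?>
									<td><?= number_format($_SESSION['currency_rate']*$unit_price,2) ?></td>
									<td><?= $ap['product_code'] ?></td>
									<td><?= htmlspecialchars($quantity,ENT_QUOTES) ?></td>
									<td align="right"><?= number_format($_SESSION['currency_rate']*$total_price,2) ?></td>
								</tr>

							<?
									}
								}

								// Per-item counters. They used to sit inside the add-on branch, so items
								// without add-ons were not counted and the row striping did not alternate.
								$total_item++;
								$total_piece=$total_piece+$quantity;
								$no++;

							}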

						// Shipping charge for the chosen service and the member's stored country/state.
						// NOTE(review): $service_preferred is the raw posted value and getShippingCost()
						// is defined elsewhere; confirm it validates or escapes that argument.
						// NOTE(review): the shipping amount is printed without the currency_rate
						// factor that the item and total amounts use; confirm that is intended.
						$postage=getShippingCost($service_preferred,$b['country'],$b['state']);

					

					?>
					
					<tr class="table_item_even">

						

						<td align="right" colspan="4"  style="padding-right:10px">Shipping</td><td align="right"><?= number_format($postage,2) ?></td>

					</tr>
					
					<?

						// Shipping is part of the order total.
						$total_allprice+=$postage;

					?>
					
                    <?
					
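						// Apply the voucher stored in the session, if any, and print its row.
						if(!empty($_SESSION['discount_voucher']))
						{
							// The code was originally posted by the visitor, so it is escaped here
							// instead of relying on an earlier validation step.
							$get=mysql_query("select * from os_discount_voucher where voucher_code='".mysql_real_escape_string($_SESSION['discount_voucher'])."'")or die(mysql_error());

							$v=mysql_fetch_array($get,MYSQL_ASSOC);

							// A code that no longer matches a voucher row gives no discount and no row.
							if($v)
							{
								if($v['discount_type']=="P")
								{
									// Percentage voucher, taken from the running total (shipping included).
									$desc=number_format($v['discount_amount'],0)."% off";
									$discount=($total_allprice*$v['discount_amount'])/100;

									$total_allprice=$total_allprice-$discount;
								}
								else
								{
									// Fixed-amount voucher.
									// NOTE(review): an amount larger than the order makes the total
									// negative; confirm os_confirmbill.php guards against that.
									$desc=" RM".$v['discount_amount']." off";
									$discount=$v['discount_amount'];
									$total_allprice=$total_allprice-$v['discount_amount'];
								}

					?>
					<tr class="table_item_even">

						<td colspan="3" align="center">
							<?= $desc ?> ( <?= $v['voucher_name'] ?> )
						</td>

						<td align="center">Discount</td><td align="right"> - <?= number_format($discount,2) ?></td>

					</tr>
					<?

							}
						}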
					?>
                    
                   
                    

					<tr class="table_item_even">

						<td colspan="3"  align="center">

						</td>

						<td align="center">Total <?= $_SESSION['currency_code'] ?></td><td align="right"><font color="#FF0000"><strong><?= number_format($_SESSION['currency_rate']*$total_allprice,2) ?></strong></font> </td>

					</tr>

					

										

					</table>

					</td>

					</tr>

					<script language="Javascript"> 

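					/**
					 * Report whether any radio button of a group is selected.
					 *
					 * @param {string} frmName      name of the form, looked up on document
					 * @param {string} rbGroupName  name shared by the radio buttons
					 * @returns {boolean} true when one of them is checked, false otherwise
					 *                    (also when the form or the group does not exist)
					 */
					function checkRadio (frmName, rbGroupName) {

						var form = document[frmName];

						if (!form || !form.elements) {
							return false;
						}

						var radios = form.elements[rbGroupName];

						if (!radios) {
							return false;
						}

						// A group with a single radio is returned as the element itself,
						// which has no length; check it directly.
						if (typeof radios.length === "undefined") {
							return radios.checked ? true : false;
						}

						for (var i = 0; i < radios.length; i++) {
							if (radios[i].checked) {
								return true;
							}
						}

						return false;

					}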



					/**
					 * onSubmit handler of the order form: blocks submission until the
					 * terms-and-conditions box is ticked.
					 *
					 * The form is read through document.frm1; the argument is not used.
					 * This is a convenience check in the browser only. The page that
					 * receives the post has to verify the agreement itself.
					 *
					 * @returns {boolean} true to let the form submit, false to cancel it
					 */
					function validateForm(frm1) {

						var accepted = !(document.frm1.agree.checked == false);

						if (accepted) {
							return true;
						}

						alert("You will need to agree to our terms and conditions");

						return false;

					}

					

					</script> 





					<form action="os_confirmbill.php" method="post" name="frm1" onSubmit="return validateForm(this)">

					<tr align="center">

						<td>

							

							<br>
							<?
								// Shop name shown in the agreement sentence below.
								$get_website_name=mysql_query("select website_name from os_contactinfo where id=1");
								$tnc_site_name=mysql_result($get_website_name,0,"website_name");

								// NOTE(review): the paymethod hidden field carries the same fixed value for
								// every visitor and is the only hidden field in this form, so it cannot act
								// as a secret or as a per-session anti-CSRF token. Confirm how
								// os_confirmbill.php treats it.
							?>
							<input type="hidden" value="12sd23DUI71288hD88128" name="paymethod">

							<input type="checkbox" name="agree"> 
							
							I agree to the <a href="os_tnc.php"><u>terms &amp; conditions</u></a> of<strong> <?= $tnc_site_name ?> </strong>User Agreement.

						</td>

					</tr>

					<tr>

						<td align="center"><input type="submit" name="btnsubmit" value="Submit Order" class="button" ></td>

					</tr>

					</form>

			  	</table>

			

			

<? 

	}}

	else

	{

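		// Reached without the submit button in the post: not a valid entry to this page.
		header("Location:os_invalid.php");
		// Stop here so the footer is not sent after the redirect header.
		exit;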

	}



	

require("required/footer.php"); ?>	